Skip to content

DGA-MI-SSI/T-Brop

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
t-brop
t-brop
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Since the authors left DGA-MI, the project moved to clslgrnc/tbrop. Do not expect significantly more activity though...

PoC

The Dockerfile can be used as a crude installation instruction.

To build with docker:

sudo docker build -t tbrop .

To analyse /FULL/LOCAL/PATH/FILE:

sudo docker run --rm -it -v /FULL/LOCAL/PATH/FILE:/app/FILE:ro tbrop /app/FILE

It should (eventually) bring you to an ipython shell where you can do stuff like:

for g in gdgtCollection.gdgtCollection:
  if g.gadgetMatrix.matrix[X86_REG_RSP,X86_REG_RAX] \
  and g.gadgetMatrix.chainCond[0,X86_REG_RCX]:
    print(hex(g.getAddress()),g)

More info here (in french) or there.

This is still a PoC

It'll get worse before it gets better... hopefully.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

21 stars

Watchers

5 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages